kuzzle 2.14.3 → 2.14.5

package/lib/core/auth/tokenManager.d.ts

@@ -0,0 +1,65 @@
+import '../../types/Global';
+import { Token } from '../../model/security/token';
+/**
+ * Maintains a list of valid tokens used by connected protocols.
+ *
+ * When a token expires, this module cleans up the corresponding connection's
+ * subscriptions if any, and notify the user
+ */
+export declare class TokenManager {
+    private tokens;
+    private anonymousUserId;
+    private tokensByConnection;
+    private timer;
+    constructor();
+    init(): Promise<void>;
+    runTimer(): void;
+    /**
+     * Link a connection and a token.
+     * If one or another expires, associated subscriptions are cleaned up
+     * @param token
+     * @param connectionId
+     */
+    link(token: Token, connectionId: string): void;
+    /**
+     * Unlink a connection from its associated token
+     *
+     * @param token
+     * @param connectionId
+     */
+    unlink(token: Token, connectionId: string): void;
+    /**
+     * Called when a token expires before its time (e.g. following a
+     * auth:logout action)
+     * This method removes all maintained links and cleans up the
+     * hotel clerk
+     *
+     * @param token
+     */
+    expire(token: Token): Promise<void>;
+    /**
+     * Refresh an existing token with a new one
+     *
+     * @param oldToken
+     * @param newToken
+     */
+    refresh(oldToken: Token, newToken: Token): void;
+    checkTokensValidity(): Promise<void>;
+    /**
+     * Gets the token matching user & connection if any
+     */
+    getConnectedUserToken(userId: string, connectionId: string): Token | null;
+    /**
+     * Returns the kuid associated to a connection
+     */
+    getKuidFromConnection(connectionId: string): string | null;
+    /**
+     * Adds token to internal collections
+     *
+     * @param token
+     * @param connectionId
+     */
+    private add;
+    private removeConnectionLinkedToToken;
+    private deleteByIndex;
+}

package/lib/core/auth/tokenManager.js

@@ -1,3 +1,4 @@
+"use strict";
 /*
  * Kuzzle, a backend software, self-hostable and ready to use
  * to power modern apps
@@ -18,13 +19,29 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
-'use strict';
-
-const SortedArray = require('sorted-array');
-
-const Token = require('../../model/security/token');
-
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenManager = void 0;
+const sorted_array_1 = __importDefault(require("sorted-array"));
+require("../../types/Global");
+const token_1 = require("../../model/security/token");
+/**
+ * Extends the Token model with a set of linked connection IDs.
+ */
+class ManagedToken extends token_1.Token {
+    constructor(token, connectionIds) {
+        super(token);
+        this.connectionIds = connectionIds;
+    }
+    /**
+     * Returns an unique string that identify a token and allows to sort them by expiration date.
+     */
+    static indexFor(token) {
+        return `${token.expiresAt};${token._id}`;
+    }
+}
 /*
  Maximum delay of a setTimeout call. If larger than this value,
  it's replaced by 1 (see setTimeout documentation)
@@ -34,277 +51,219 @@ const Token = require('../../model/security/token');
  Until this constant is exposed in NodeJS' API, we have to manually set it.
  */
 const TIMEOUT_MAX = Math.pow(2, 31) - 1;
-
 /**
- * Maintains a list of valid tokens used by real-time subscriptions
- * When a token expires, this module cleans up the corresponding connection's
- * subscriptions, and notify the user
+ * Maintains a list of valid tokens used by connected protocols.
  *
- * @class TokenManager
+ * When a token expires, this module cleans up the corresponding connection's
+ * subscriptions if any, and notify the user
  */
 class TokenManager {
-  constructor () {
-    this.anonymousUserId = null;
-
-    /*
-     * Tokens are sorted by their expiration date
-     *
-     * The token id is added to the key to handle
-     * equality between different tokens sharing
-     * the exact same expiration date
-     *
-     * We should always put infinite duration token at the end of the array
-     * because the loop that checks if a token is expired is always verifiying the first element of the array.
-     * Since an infinite token cannot be expired, if there is an infinite duration token at the first element
-     * the loop will verify the same token over and over again because the token cannot be removed from the queue
-     * and the other tokens will never be verifier.
-     */
-    this.tokens = new SortedArray([], (a, b) => {
-      if (a.idx === b.idx) {
-        return 0;
-      }
-
-      if (a.idx && a.idx[0] === '-') {
-        return 1;
-      }
-
-      if (b.idx && b.idx[0] === '-') {
-        return -1;
-      }
-
-      return a.idx < b.idx ? -1 : 1;
-    });
-    this.tokensByConnection = new Map();
-
-    this.timer = null;
-  }
-
-  async init () {
-    const anonymous = await global.kuzzle.ask('core:security:user:anonymous:get');
-    this.anonymousUserId = anonymous._id;
-  }
-
-  runTimer () {
-    if (this.tokens.array.length > 0) {
-      const delay = Math.min(this.tokens.array[0].expiresAt - Date.now(), TIMEOUT_MAX);
-
-      if (this.timer) {
-        clearTimeout(this.timer);
-      }
-
-      this.timer = setTimeout(this.checkTokensValidity.bind(this), delay);
-    }
-  }
-
-  /**
-   * Link a connection and a token.
-   * If one or another expires, associated subscriptions are cleaned up
-   * @param {Token} token
-   * @param {String} connectionId
-   */
-  link (token, connectionId) {
-    // Embedded SDK does not use tokens
-    if (! token || token._id === this.anonymousUserId) {
-      return;
-    }
-
-    const idx = getTokenIndex(token);
-    const currentToken = this.tokensByConnection.get(connectionId);
-
-    if (currentToken) {
-      if (currentToken._id === token._id) {
-        return; // Connection and Token already linked
-      }
-      this._removeConnectionLinkedToToken(connectionId, currentToken);
+    constructor() {
+        this.anonymousUserId = null;
+        this.tokensByConnection = new Map();
+        this.timer = null;
+        /*
+         * Tokens are sorted by their expiration date
+         *
+         * The token id is added to the key to handle
+         * equality between different tokens sharing
+         * the exact same expiration date
+         *
+         * We should always put infinite duration token at the end of the array
+         * because the loop that checks if a token is expired is always verifiying the first element of the array.
+         * Since an infinite token cannot be expired, if there is an infinite duration token at the first element
+         * the loop will verify the same token over and over again because the token cannot be removed from the queue
+         * and the other tokens will never be verifier.
+         */
+        this.tokens = new sorted_array_1.default([], (a, b) => {
+            if (a.idx === b.idx) {
+                return 0;
+            }
+            if (a.idx && a.idx[0] === '-') {
+                return 1;
+            }
+            if (b.idx && b.idx[0] === '-') {
+                return -1;
+            }
+            return a.idx < b.idx ? -1 : 1;
+        });
     }
-    const pos = this.tokens.search({idx});
-
-    if (pos === -1) {
-      this._add(token, [connectionId]);
-    }
-    else {
-      const data = this.tokens.array[pos];
-      data.connectionIds.add(connectionId);
-      this.tokensByConnection.set(connectionId, data);
+    async init() {
+        const anonymous = await global.kuzzle.ask('core:security:user:anonymous:get');
+        this.anonymousUserId = anonymous._id;
     }
-  }
-
-  /**
-   * Unlink a connection from its associated token
-   *
-   * @param  {Token} token
-   * @param  {String} connectionId
-   */
-  unlink (token, connectionId) {
-    // Embedded SDK does not use tokens
-    if (! token || token._id === this.anonymousUserId) {
-      return;
-    }
-
-    const idx = getTokenIndex(token);
-    const pos = this.tokens.search({ idx });
-
-    if (pos === -1) {
-      return;
+    runTimer() {
+        if (this.tokens.array.length > 0) {
+            const delay = Math.min(this.tokens.array[0].expiresAt - Date.now(), TIMEOUT_MAX);
+            if (this.timer) {
+                clearTimeout(this.timer);
+            }
+            this.timer = setTimeout(this.checkTokensValidity.bind(this), delay);
+        }
     }
-
-    this._removeConnectionLinkedToToken(connectionId, this.tokens.array[pos]);
-
-    const currentToken = this.tokensByConnection.get(connectionId);
-    if (currentToken && currentToken._id === token._id) {
-      this.tokensByConnection.delete(connectionId);
+    /**
+     * Link a connection and a token.
+     * If one or another expires, associated subscriptions are cleaned up
+     * @param token
+     * @param connectionId
+     */
+    link(token, connectionId) {
+        // Embedded SDK does not use tokens
+        if (!token || token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const currentToken = this.tokensByConnection.get(connectionId);
+        if (currentToken) {
+            if (currentToken._id === token._id) {
+                return; // Connection and Token already linked
+            }
+            this.removeConnectionLinkedToToken(connectionId, currentToken);
+        }
+        const pos = this.tokens.search({ idx });
+        if (pos === -1) {
+            this.add(token, new Set([connectionId]));
+        }
+        else {
+            const managedToken = this.tokens.array[pos];
+            managedToken.connectionIds.add(connectionId);
+            this.tokensByConnection.set(connectionId, managedToken);
+        }
     }
-  }
-
-  /**
-   * Called when a token expires before its time (e.g. following a
-   * auth:logout action)
-   * This method removes all maintained links and cleans up the
-   * hotel clerk
-   *
-   * @param token
-   */
-  async expire (token) {
-    if (token._id === this.anonymousUserId) {
-      return;
+    /**
+     * Unlink a connection from its associated token
+     *
+     * @param token
+     * @param connectionId
+     */
+    unlink(token, connectionId) {
+        // Embedded SDK does not use tokens
+        if (!token || token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const pos = this.tokens.search({ idx });
+        if (pos === -1) {
+            return;
+        }
+        this.removeConnectionLinkedToToken(connectionId, this.tokens.array[pos]);
+        const currentToken = this.tokensByConnection.get(connectionId);
+        if (currentToken && currentToken._id === token._id) {
+            this.tokensByConnection.delete(connectionId);
+        }
     }
-
-    const idx = getTokenIndex(token);
-    const searchResult = this.tokens.search({idx});
-
-    if (searchResult > -1) {
-      const data = this.tokens.array[searchResult];
-
-      for (const connectionId of data.connectionIds) {
-        this.tokensByConnection.delete(connectionId);
-        await global.kuzzle.ask('core:realtime:user:remove', connectionId);
-      }
-
-      this._deleteByIndex(searchResult);
+    /**
+     * Called when a token expires before its time (e.g. following a
+     * auth:logout action)
+     * This method removes all maintained links and cleans up the
+     * hotel clerk
+     *
+     * @param token
+     */
+    async expire(token) {
+        if (token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const searchResult = this.tokens.search({ idx });
+        if (searchResult > -1) {
+            const managedToken = this.tokens.array[searchResult];
+            for (const connectionId of managedToken.connectionIds) {
+                this.tokensByConnection.delete(connectionId);
+                await global.kuzzle.ask('core:realtime:user:remove', connectionId);
+            }
+            this.deleteByIndex(searchResult);
+        }
     }
-  }
-
-  /**
-   * Refresh an existing token with a new one
-   *
-   * @param  {Token} oldToken
-   * @param  {Token} newToken
-   */
-  refresh (oldToken, newToken) {
-    const
-      oldIndex = getTokenIndex(oldToken),
-      pos = this.tokens.search({idx: oldIndex});
-
-    // If the old token has been created and then refreshed within the same
-    // second, then it has the exact same characteristics than the new one.
-    // This should never happen, though, especially if we add at least 1
-    // real-time subscribe in the middle of the login+refresh sequence (all
-    // within the same second) but, oh, well... it costs nothing to fix a
-    // potentially very, very, very hard to debug random problem before it
-    // occurs
-    if (pos > -1 && oldToken._id !== newToken._id) {
-      const connectionIds = this.tokens.array[pos].connectionIds;
-
-      this._add(newToken, connectionIds);
-
-      // Delete old token
-      this._deleteByIndex(pos);
+    /**
+     * Refresh an existing token with a new one
+     *
+     * @param oldToken
+     * @param newToken
+     */
+    refresh(oldToken, newToken) {
+        const oldIndex = ManagedToken.indexFor(oldToken);
+        const pos = this.tokens.search({ idx: oldIndex });
+        // If the old token has been created and then refreshed within the same
+        // second, then it has the exact same characteristics than the new one.
+        // This should never happen, though, especially if we add at least 1
+        // real-time subscribe in the middle of the login+refresh sequence (all
+        // within the same second) but, oh, well... it costs nothing to fix a
+        // potentially very, very, very hard to debug random problem before it
+        // occurs
+        if (pos > -1 && oldToken._id !== newToken._id) {
+            const connectionIds = this.tokens.array[pos].connectionIds;
+            this.add(newToken, connectionIds);
+            // Delete old token
+            this.deleteByIndex(pos);
+        }
     }
-  }
-
-  async checkTokensValidity() {
-    const arr = this.tokens.array;
-
-    // API key can never expire (-1)
-    if (arr.length > 0 && (arr[0].expiresAt > 0 && arr[0].expiresAt < Date.now())) {
-      const connectionIds = arr[0].connectionIds;
-
-      arr.shift();
-
-      for (const connectionId of connectionIds) {
-        await global.kuzzle.ask('core:realtime:tokenExpired:notify', connectionId);
-      }
-      setImmediate(() => this.checkTokensValidity());
-      return;
+    async checkTokensValidity() {
+        const arr = this.tokens.array;
+        // API key can never expire (-1)
+        if (arr.length > 0 && (arr[0].expiresAt > 0 && arr[0].expiresAt < Date.now())) {
+            const connectionIds = arr[0].connectionIds;
+            arr.shift();
+            for (const connectionId of connectionIds) {
+                await global.kuzzle.ask('core:realtime:tokenExpired:notify', connectionId);
+            }
+            setImmediate(() => this.checkTokensValidity());
+            return;
+        }
+        if (arr.length > 0) {
+            this.runTimer();
+        }
     }
-
-    if (arr.length > 0) {
-      this.runTimer();
+    /**
+     * Gets the token matching user & connection if any
+     */
+    getConnectedUserToken(userId, connectionId) {
+        const token = this.tokensByConnection.get(connectionId);
+        return token && token.userId === userId ? token : null;
     }
-  }
-
-  /**
-   * Gets the token matching user & connection if any
-   *
-   * @param {string} userId
-   * @param {string} connectionId
-   * @returns {Token}
-   */
-  getConnectedUserToken(userId, connectionId) {
-    const data = this.tokensByConnection.get(connectionId);
-
-    return data && data.userId === userId
-      ? new Token({...data, connectionId})
-      : null;
-  }
-
-  /**
-   * Returns the token associated to a connection
-   */
-  getToken (connectionId) {
-    return this.tokensByConnection.get(connectionId);
-  }
-
-  /**
-   * Adds token to internal collections
-   *
-   * @param {Token} token
-   * @param {string} connectionId
-   * @private
-   */
-  _add(token, connectionIds) {
-    const data = Object.assign({}, token, {
-      connectionIds: new Set(connectionIds),
-      idx: getTokenIndex(token)
-    });
-
-    for (const connectionId of connectionIds) {
-      this.tokensByConnection.set(connectionId, data);
+    /**
+     * Returns the kuid associated to a connection
+     */
+    getKuidFromConnection(connectionId) {
+        const token = this.tokensByConnection.get(connectionId);
+        if (!token) {
+            return null;
+        }
+        return token.userId;
     }
-    this.tokens.insert(data);
-
-    if (this.tokens.array[0].idx === data.idx) {
-      this.runTimer();
+    /**
+     * Adds token to internal collections
+     *
+     * @param token
+     * @param connectionId
+     */
+    add(token, connectionIds) {
+        const orderedToken = Object.assign({}, token, {
+            connectionIds: new Set(connectionIds),
+            idx: ManagedToken.indexFor(token)
+        });
+        for (const connectionId of connectionIds) {
+            this.tokensByConnection.set(connectionId, orderedToken);
+        }
+        this.tokens.insert(orderedToken);
+        if (this.tokens.array[0].idx === orderedToken.idx) {
+            this.runTimer();
+        }
     }
-  }
-
-  _removeConnectionLinkedToToken(connectionId, token) {
-    token.connectionIds.delete(connectionId);
-
-    if (token.connectionIds.size === 0) {
-      const pos = this.tokens.search({ idx: token.idx });
-      this._deleteByIndex(pos);
+    removeConnectionLinkedToToken(connectionId, managedToken) {
+        managedToken.connectionIds.delete(connectionId);
+        if (managedToken.connectionIds.size === 0) {
+            const pos = this.tokens.search({ idx: managedToken.idx });
+            this.deleteByIndex(pos);
+        }
     }
-  }
-
-  _deleteByIndex(index) {
-    const data = this.tokens.array[index];
-
-    if (!data) {
-      return;
+    deleteByIndex(index) {
+        const orderedToken = this.tokens.array[index];
+        if (!orderedToken) {
+            return;
+        }
+        this.tokens.array.splice(index, 1);
     }
-
-    this.tokens.array.splice(index, 1);
-  }
 }
-
-/**
- * Calculate a simple sortable token index
- * @param token
- * @returns {string}
- */
-function getTokenIndex(token) {
-  return `${token.expiresAt};${token._id}`;
-}
-
-module.exports = TokenManager;
+exports.TokenManager = TokenManager;
+//# sourceMappingURL=tokenManager.js.map

package/lib/core/realtime/hotelClerk.js

@@ -551,7 +551,7 @@ class HotelClerk {
       });
     }
 
-    const { userId } = global.kuzzle.tokenManager.getToken(connectionId);
+    const kuid = global.kuzzle.tokenManager.getKuidFromConnection(connectionId);
 
     const subscription = new Subscription(
       room.index,
@@ -559,7 +559,7 @@ class HotelClerk {
       undefined,
       roomId,
       connectionId,
-      { _id: userId });
+      { _id: kuid });
 
     global.kuzzle.emit('core:realtime:user:unsubscribe:after', {
       /* @deprecated */

package/lib/core/security/tokenRepository.js

@@ -28,7 +28,7 @@ const Bluebird = require('bluebird');
 
 const ApiKey = require('../../model/storage/apiKey');
 const { UnauthorizedError } = require('../../kerror/errors');
-const Token = require('../../model/security/token');
+const { Token } = require('../../model/security/token');
 const Repository = require('../shared/repository');
 const kerror = require('../../kerror');
 const debug = require('../../util/debug')('kuzzle:bootstrap:tokens');

package/lib/kuzzle/kuzzle.js

@@ -38,7 +38,7 @@ const PassportWrapper = require('../core/auth/passportWrapper');
 const PluginsManager = require('../core/plugin/pluginsManager');
 const Router = require('../core/network/router');
 const Statistics = require('../core/statistics');
-const TokenManager = require('../core/auth/tokenManager');
+const { TokenManager } = require('../core/auth/tokenManager');
 const Validation = require('../core/validation');
 const Logger = require('./log');
 const vault = require('./vault');

package/lib/model/security/token.d.ts

@@ -0,0 +1,29 @@
+export interface TokenContent {
+    /**
+     * Token ID (also Redis key)
+     *
+     * @example `${userId}#${jwt}`
+     */
+    _id?: string;
+    expiresAt?: number;
+    ttl?: number;
+    userId?: string;
+    connectionIds?: string[];
+    jwt?: string;
+    refreshed?: boolean;
+}
+/**
+ * Represents a token that identify an user.
+ */
+export declare class Token implements TokenContent {
+    _id: string;
+    expiresAt: number;
+    ttl: number;
+    userId: string;
+    jwt: string;
+    refreshed: boolean;
+    constructor(data?: TokenContent);
+    get type(): 'apiKey' | 'authToken';
+    static get AUTH_PREFIX(): string;
+    static get APIKEY_PREFIX(): string;
+}

package/lib/model/security/token.js

@@ -1,3 +1,4 @@
+"use strict";
 /*
  * Kuzzle, a backend software, self-hostable and ready to use
  * to power modern apps
@@ -18,32 +19,32 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
-'use strict';
-
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Token = void 0;
 /**
- * @class Token
+ * Represents a token that identify an user.
  */
 class Token {
-  constructor(data = {}) {
-    this._id = data._id || null;
-    this.expiresAt = data.expiresAt || null;
-    this.ttl = data.ttl || null;
-    this.userId = data.userId || null;
-    this.connectionId = data.connectionId || null;
-    this.jwt = data.jwt || null;
-    this.refreshed = Boolean(data.refreshed);
-  }
-
-  get type() {
-    if (this.jwt && this.jwt.startsWith(Token.APIKEY_PREFIX)) {
-      return 'apiKey';
+    constructor(data = {}) {
+        this._id = data._id || null;
+        this.expiresAt = data.expiresAt || null;
+        this.ttl = data.ttl || null;
+        this.userId = data.userId || null;
+        this.jwt = data.jwt || null;
+        this.refreshed = Boolean(data.refreshed);
+    }
+    get type() {
+        if (this.jwt && this.jwt.startsWith(Token.APIKEY_PREFIX)) {
+            return 'apiKey';
+        }
+        return 'authToken';
+    }
+    static get AUTH_PREFIX() {
+        return 'kauth-';
+    }
+    static get APIKEY_PREFIX() {
+        return 'kapikey-';
     }
-    return 'authToken';
-  }
 }
-
-Token.AUTH_PREFIX = 'kauth-';
-Token.APIKEY_PREFIX = 'kapikey-';
-
-module.exports = Token;
+exports.Token = Token;
+//# sourceMappingURL=token.js.map

package/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "kuzzle",
-  "version": "2.14.3",
+  "version": "2.14.5",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -400,9 +400,9 @@
       }
     },
     "@elastic/elasticsearch": {
-      "version": "7.14.1",
-      "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-7.14.1.tgz",
-      "integrity": "sha512-pnbh8ddXdxlQdZZfMCwxIIv8KscdhJysVI4ZAc9pBl/cUrLinAj+0gIyTgWA30cOFoKZSLlB9ZXGx6R0SJkIwg==",
+      "version": "7.13.0",
+      "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-7.13.0.tgz",
+      "integrity": "sha512-WgwLWo2p9P2tdqzBGX9fHeG8p5IOTXprXNTECQG2mJ7z9n93N5AFBJpEw4d35tWWeCWi9jI13A2wzQZH7XZ/xw==",
       "requires": {
         "debug": "^4.3.1",
         "hpagent": "^0.1.1",
@@ -7593,6 +7593,17 @@
         "winston-transport": "^4.4.0"
       },
       "dependencies": {
+        "@elastic/elasticsearch": {
+          "version": "7.15.0",
+          "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-7.15.0.tgz",
+          "integrity": "sha512-FUKvjV2IKtIiWsvBy7D+wLbSEONsmNR15RRN7P/Sb30g4ObZRHH2qGOP5PPnzxdntEkzZ8HzY7nKKXFS+3Du1g==",
+          "requires": {
+            "debug": "^4.3.1",
+            "hpagent": "^0.1.1",
+            "ms": "^2.1.3",
+            "secure-json-parse": "^2.4.0"
+          }
+        },
         "retry": {
           "version": "0.13.1",
           "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "kuzzle",
   "author": "The Kuzzle Team <support@kuzzle.io>",
-  "version": "2.14.3",
+  "version": "2.14.5",
   "description": "Kuzzle is an open-source solution that handles all the data management through a secured API, with a large choice of protocols.",
   "bin": {
     "kuzzle": "bin/start-kuzzle-server"
@@ -39,7 +39,7 @@
     "lib": "lib"
   },
   "dependencies": {
-    "@elastic/elasticsearch": "^7.14.1",
+    "@elastic/elasticsearch": "7.13.0",
     "aedes": "^0.46.1",
     "bluebird": "^3.7.2",
     "cli-color": "^2.0.0",